DevOps Hunter Security Automation

Hey, dear Docker DevOps enthusiast! In this post we will discuss about docker security, docker service security, docker engine-level security, etc. SELinux is Security-Enhanced Linux it provides a mechanism for supporting access control security policies SELinux is a set of kernel modifications and user-space tools that have been added to various Linux distros. The 'root' user by default owns the processes spawned by a container are run. secgroup limits the disk quota. Security Issue Rotate your join-token for both worker and manager when there is a suspicion that someone might have got access to the token for adding managers to the cluster. Secretes are immutable in a docker swarm cluster. They cannot be updated sof if you want to modify the secret then you have to create a new secret file and update that to the existing service. step 1: First we need to Create new secret, step 2: Attach the newly created secret with an update option the service to use this n...

Hello, dear DevOps enthusiast, welcome back to DevOpsHunter learners site! In this post, we would like to explore the docker networking models and different types of network drivers and their benefits. What is Docker Networking? Understanding docker networking Docker provided multiple network drivers plugin installed as part of Library along with Docker installation. You have choice and flexibilities. Basically the classification happen based on the number of host participation. SinbleHost WILL  Let's see the types of network drivers in docker ecosystem. docker network overview Docker Contianers are aim to built tiny size so there may be some of the regular network commands may not be available. We need to install them inside containers. Issue #1 Inside my container ip or ifconfig not working, How to resolve 'ip' command not working? Solution: apt update; apt install -y iproute2 Issue #2: ping command not working how to resolve this ...

In this post, we will be discussing docker image creation, management and before jumping into this article if you do not yet install Docker? then, I also recommend you to go through my previous post where I've discussed how to install Docker-CE or Docker EE. I would like to expose most of the things related to Docker Images. Assuming that now you have everything ready! that means Docker engine up and running. What is all about Docker Image? According to docker docs -- An image is an executable package that includes everything needed to run an application -- the code, runtime, libraries, environment variables and configuration files. The runtime of a docker image is called a Docker container. In simple words, an Image is nothing but a stopped container! Let me put my understanding into a picture first and then we explore all these possible syntax and examples. Docker Image Life cycle Let us talk about the docker image that was built with multiple layers. Docke...

This is a quick tutorial on Docker UCP usage for User Management. Docker UCP provides us multiuser management and Role-based user control. which allows us to create and manage users and teams in an organization. Let's take a look over this user management in detail in this post. First, we create Organization then we associate a couple of teams then after that add users to those teams. Login to your UCP management console. Create an Organization on UCP Click on the 'user management' in the left side pane. User Management on UCP Now in the right pane work area, you can click on the 'Create Organization' top right button. Enter your organization name a single word without any spaces. even though you enter the name in Capitals it will convert into lower case and store it. Create Organization on UCP To complete it click on the 'Create' button. Once Organization is created it will be listed in the work area. Click on the newly created org...